Nicolas Mailhot wrote:
What is the general feeling on the list?
1. apply the patch (or a cleaner one if someone writes one - not me my C
is much too rusty) and trust other problems will be caught by glibc?
2. do not apply the patch, trust glibc to catch problems?
I would rather not trust glibc, it might very well do its job, but I
would rather just see the code fixed.
3. pull zoo from FE, instruct current users like amavisd-new to kill zoo
files on sight instead of trying to check them, make them conflict with
zoo to make sure it's removed from user systems?
4. a mix of all this, depending on the FE version?
Hmm, dunno. What about:
5. Get someone todo a proper audit (how big is it anyways, I recently
completed an audit of scorched3d which is huge).
6. Find a replacement:
I've been thinking about packaging http://sourceforge.net/projects/sevenzip
Recently as that will give us opensource support for arj, rar and cab
all in one utility, I dunno if it supports zoo format too, it does
support lots of other formats.
Regards,
Hans